Authors: Gilles Barthe, Benjamin Grégoire and Vincent Laporte
Paper Information
Title: | Secure compilation of side-channel countermeasures: the case of cryptographic “constant-time” |
Authors: | Gilles Barthe, Benjamin Grégoire and Vincent Laporte |
Proceedings: | CSF CSF Proceedings |
Editors: | Stephen Chong, Stephanie Delaune and Deepak Garg |
Keywords: | cryptographic constant-time, secure compilation, formal proofs |
Abstract: | ABSTRACT. Software-based countermeasures provide effective mitigation against side-channel attacks, often with minimal efficiency and deployment overheads. Their effectiveness is often amenable to rigorous analysis: specifically, several popular countermeasures can be formalized as information flow policies, and correct implementation of the countermeasures can be verified with state-of-the-art analysis and verification techniques. However, in absence of further justification, the guarantees only hold for the language (source, target, or intermediate representation) on which the analysis is performed. We consider the problem of preserving side-channel countermeasures by compilation for cryptographic “constant-time”, a popular countermeasure against cache-based timing attacks. We present a general method, based on the notion of 2-simulation, for proving that a compilation pass preserves the constant-time countermeasure. Using the Coq proof assistant, we verify the correctness of our method and of several representative instantiations. |
Pages: | 16 |
Talk: | Jul 12 10:00 (Session 71: Side channels) |
Paper: |